If you would like to access /etc/shadow, you probaly make a new extension
that
interfaces PAM. Is there PAM extensoin for PHP4?? already??. I also would
like to get one if there is.
--
Yasuo Ohgaki
>
>Hi,
>
>Why do you want to access /etc/shadow from your PHP?. As a general
>rules of thumb that's a pretty bad idea. The reason for this is that
>/etc/shadow is owned by Root and it's *should* only be readable by
>Root
>and noone else.
>
>Now in answer to your question "Why your PHP" script can't read
>/etc/shadow is that if you're PHP script is running as Apache module
>(or even a stand alone CGI). Your User ID would most likely *not* be
>Root.
>Thus you are not allowed to read the /etc/shadow.
>
>You are able to fix this by running the Apache process as Root!
>THIS IS A VERY VERY bad idea but possible nonetheless as it is
>a huge security hazard.
>
>To configure Apache to run as Root, check out Apache doc
>
>HTH.
>
> > Hi,
> >
> > I am running apache server as user/group=apache/httpd
> > And want to access the shadow file to authenticate my users
> > from the system.
> >
> > shadow file is owned by root and chmod to 400.
> >
> > server-root:/5:28pm>ls -al /etc/shadow
> > -r-------- 1 root sys 27695 Feb 22 10:06 /etc/shadow
> >
> > I can access the shadow from cgi-bin / c code by giving the
> > chmod +s bit .
>
>
>--
>PHP General Mailing List (http://www.php.net/)
>To unsubscribe, e-mail: [EMAIL PROTECTED]
>For additional commands, e-mail: [EMAIL PROTECTED]
>To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
